Insecure default bsnmpd.conf permissions (CVE-2015-5677)
Matt Smith
fbsd at xtaz.co.uk
Thu Jan 14 17:10:48 UTC 2016
On Jan 14 12:40, Andrea Brancatelli wrote:
>Hello everybody.
>
>I just read the above security advisory. In the solution it says:
>
>"This vulnerability can be fixed by modifying the permission on
>/etc/bsnmpd.conf to owner root:wheel and permission 0600."
>
>I guess it's a typo and the correct filename is /etc/snmpd.config,
>right? There's no /etc/bsnmpd.conf in the default config...
>
I think you may be right. I don't use bsnmp so I just checked the
permissions of the existing file which were 644 and then deleted it and
ran mergemaster. mergemaster then reinstalled the missing file and the
permissions are now 600.
--
Matt
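
An added example, not part of the original message or of FreeBSD: a POSIX sh audit of the permissions discussed in this thread, run against both file names mentioned (the advisory's /etc/bsnmpd.conf and the poster's /etc/snmpd.config). The function names are hypothetical, and root:wheel is assumed to be uid 0, gid 0 as on FreeBSD.

```shell
#!/bin/sh
# Added example: audit the SNMP daemon config permissions from the thread.
# Function names are hypothetical; expected owner defaults to 0:0
# (assumption: root:wheel on FreeBSD).

# mode_is_private FILE -> 0 if FILE is a regular file with no group/other
# permission bits, 1 if not, 2 if the mode cannot be read.
mode_is_private() {
    # First 10 chars of ls -ld, e.g. "-rw-r--r--"; chars 5-10 are group+other.
    mode=$(ls -ld -- "$1" 2>/dev/null | cut -c1-10)
    [ -n "$mode" ] || return 2
    case "$mode" in
        -???------) return 0 ;;   # regular file, owner-only access
        *)          return 1 ;;   # group/other bits set, or not a regular file
    esac
}

# owner_ids FILE -> prints "uid:gid" (numeric, so no passwd lookup is needed)
owner_ids() {
    ls -ldn -- "$1" 2>/dev/null | awk '{ print $3 ":" $4 }'
}

# audit_snmpd_conf FILE [UID:GID] -> 0 ok, 1 finding, 2 file not present
audit_snmpd_conf() {
    f=$1
    want=${2:-0:0}
    [ -e "$f" ] || { echo "SKIP $f (not present)"; return 2; }
    rc=0
    if ! mode_is_private "$f"; then
        echo "FAIL $f mode $(ls -ld -- "$f" | cut -c1-10), want no group/other access (0600)"
        rc=1
    fi
    if [ "$(owner_ids "$f")" != "$want" ]; then
        echo "FAIL $f owner $(owner_ids "$f"), want $want"
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK   $f"
    return "$rc"
}

# Check both names: the one in the advisory text and the one found in /etc.
for f in /etc/bsnmpd.conf /etc/snmpd.config; do
    audit_snmpd_conf "$f" || true
done
```

A FAIL line is resolved with the advisory's own fix: owner root:wheel and mode 0600 on the file that actually exists.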
More information about the freebsd-stable mailing list